A notebook . . . on the Internet.

WordPress.com Secure Login

Automattic needs to draw more attention to the secure login page on WordPress.com. It exists, so why not direct users to it? There are support pages on configuring your dashboard to run through HTTPS, which is fine, but as long as the login process remains unencrypted, some information is still left exposed.

If a user blogs through an unsecured Wi-Fi hotspot (as many travelling bloggers might do), all it takes is someone sniffing while the user logs in for his or her account to be potentially compromised.

Many popular online services offer links to their secure login pages right from their home pages. Some email services, such as Gmail and Hotmail, have even defaulted to HTTPS.

Until Automattic provides a link to make the secure login page more obvious to users, you can navigate to https://wordpress.com/. And don’t forget to update your bookmarks.

On a related note, Twitter seems to be in the same boat. You can navigate to https://twitter.com/ to get their secure login.